Nominations for the CIO100 Awards - East Africa Edition are now open!



Raila Odinga: This is how IEBC’s Election Management Database was hacked

Kenya opposition presidential candidate, Raila Odinga, said that IEBC's IT systems were hacked to work on the election results. “From...


Raila Odinga: This is how IEBC’s Election Management Database was hacked
Kenya opposition Raila Odinga, presidential candidate.

Kenya opposition presidential candidate, Raila Odinga, said that IEBC’s IT systems were hacked to work on the election results.

“From the information in our possession, some persons gained entry into the IEBC Election Management Database and assumed the role of our collective sovereign,” said Mr. Odinga via a press statement, posted on ODM official website.

“While Kenyans were bearing the long queues to determine their destiny, the conspirators begun the execution of their plan,” he added.

Mr. Odinga gave a chronological account of how the systems were infiltrated, saying:


  1. At about 12.37 pm on the 8th August 2017, hackers gained entry into our election database through the identity of Chris Msando who was executed barely a week ago into the account of the Mr. Chebukati Chairperson (this is highlighted at page 52 of the document annexed to this statement).

2. They gained full entry into the IEBC systems, acquired powers to write their will and dwarf the peoples’ voice. They created errors into the IEBC Core Server (as highlighted at Page 2 of the document annexed to this statement) that allowed them to turn a democratic process into a function of a formula.

a. At 12.38pm they introduced several programmes (xpstar.dll version 2009) to execute stored procedures in the library and the memory of the IEBC database intended to manipulate data.

b. At 12.38 pm they loaded an algorithm which is a formula to create a percentage gap of 11 percent between our numbers in the presidential race.

c. At 12.41 pm they switched on the read and write, option on the IEBC 2017 Presidential Election Database giving them power to add or delete anything in the IEBC database. At the same time, they set the Date Correlation Optimization to off. In doing this, they effectively disabled the system from detecting date and time.


d. Again, at 12.41pm they set Auto Update Statistics Async to off for database option IEBC Presidential 2017 (as highlighted at Page 4). In doing, this made sure that records sent from the field would not be reflecting on the system. At 12.41 also the DATABASE OPTION DISABLE BROKER was switched to ON. This disabled the database from tracking the events happening in the database.

e. At 12.41pm they set the RECRUSIVE TRIGGERS to OFF for database IEBC PRESIDENTIAL_2017 (highlighted at page 4 of the attachment). Switching those off ensures that the database would not keep record of anything. Then the QOTED IDENTIFIER was switched to off to easily manipulate the database. Then at the same time they switched the NUMERIC ROUNDABORD to off FOR DATABASE IEBC Presidential 2017 to maintain a fixed figure and avoid rounding off values.

f. At 12.41 pm they set the CONCAT NULL YIELDS NULL to OFF for IEBC_PRESIDENTAIL 2017. This prevents populating the database with null values.

g. The AUTO UPDATES STATISTICS was switched to on to enable updating of values in tandem with their programme.


h.They switched AUTO CREATE STATISTICS on to enable their programme traverse the database updating it with their set and desired values to avoid trace.

3. Within just over twelve hours, this attack on our democracy affected the Presidential Elections in all the 47 Counties both in the live process and the back-up.

“The hacking has definitely affected the results of the 2017 General Elections. (This) is a tragedy of monumental proportions and total disaster.” Odinga added.

Do you have a story that you think would interest our readers? write to us